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Definition of Time to Live TLV for LSP-Ping Mechanisms 
Abstract 
LSP-Ping is a widely deployed Operation, Administration, and 
Maintenance (OAM) mechanism in MPLS networks. However, in the 


present form, this mechanism is inadequate to verify connectivity of 
a segment of a Multi-Segment Pseudowire (MS-PW) and/or bidirectional 
co-routed Label Switched Path (LSP) from any node on the path of the 
MS-PW and/or bidirectional co-routed LSP. This document defines a 
TLV to address this shortcoming. 


Status of This Memo 


Boutros, 


This is an Internet Standards Track document. 


This document is a product of the Internet Engineering Task Force 
(IETF). It represents the consensus of the IETF community. It has 
received public review and has been approved for publication by the 
Internet Engineering Steering Group (IESG). Further information on 
Internet Standards is available in Section 2 of RFC 5741. 


Information about the current status of this document, 
and how to provide feedback on it may be obtained at 
http://www.rfc-editor.org/info/rfc7394. 
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1. Introduction 
An MS-PW may span across multiple service provider networks. In 


order to allow Service Providers (SPs) to verify segments of such 
MS-PWs from any node on the path of the MS-PW, any node along the 
path of the MS-PW, should be able to originate an MPLS Echo Request 
packet to any other node along the path of the MS-PW and receive the 
corresponding MPLS Echo Reply. If the originator of the MPLS Echo 
Request is at the end of a MS-PW, the receiver of the request can 
send the reply back to the sender without knowing the hop-count 
distance of the originator. The reply will be intercepted by the 
originator regardless of the TTL value on the reply packet. But, if 
the originator is not at the end of the MS-PW, the receiver of the 
MPLS Echo Request may need to know how many hops away the originator 
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of the MPLS Echo Request is so that it can set the TTL value on the 
MPLS header for the MPLS Echo Reply to be intercepted at the 
originator node. 


In MPLS networks, for bidirectional co-routed LSPs, if it is desired 
to verify connectivity from any intermediate node Label Switching 
Router (LSR) on the LSP to the any other LSR on the LSP the receiver 
may need to know the TTL to send the MPLS Echo Reply with, so as the 
packet is intercepted by the originator node. 


A new optional TTL TLV is defined in this document. This TLV will be 
added by the originator of the MPLS Echo Request to inform the 
receiver how many hops away the originator is on the path of the 
MS-PW or bidirectional LSP. 
This mechanism only works if the MPLS Echo Reply is sent down the 
co-routed LSP; hence, the scope of this TTL TLV is currently limited 
to MS-PW or bidirectional co-routed MPLS LSPs. The presence of the 
TLV implies the use of the return path of the co-routed LSP, if the 
return path is any other mechanism, then the TLV in the MPLS Echo 
Request MUST be ignored. 

2. Terminology 
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", “SHALL NOT", 
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 
document are to be interpreted as described in RFC 2119 [RFC2119]. 
LSR: Label Switching Router 
MPLS-TP: MPLS Transport Profile 
MS-PW: Multi-Segment Pseudowire 
PW: Pseudowire 


TLV: Type Length Value 


TTL: Time To Live 


Boutros, et al. Standards Track [Page 3] 


RFC 7394 TTL TLV for LSP-Ping Mechanisms November 2014 


3. Time To Live TLV 


3.1. TTL TLV Format 


0 1 2 3 
0-1..2 345 6 y 8 9-0 L2 3 4 5 6 7.:8:9-0 23:14 56 77. 89 0-1 
V—R—R—E-R-—-—----R— RR ———---.-—.-.-.———---.-— 4-44 
| Type - 32769 | Length - 8 | 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +++ 
| | Value | | Reserved | Flags 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- +++ 


Figure 1: Time To Live TLV Format 
The TTL TLV has the format shown in Figure 1. 
Value 
The value of the TTL as specified by this TLV 
Flags 
The Flags field is a bit vector with the following format: 


0 1 
0123456789012345 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
| MBZ |R] 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 


One flag is defined for now, the R flag. The rest of the 
flags are Reserved - MUST be zero (MBZ) when sending and 
ignored on receipt. 


The R flag (Reply TTL) is set signify that the value is 
meant to be used as the TTL for the reply packet. Other bits 
may be defined later to enhance the scope of this TLV. 


3.2. Usage 


The TTL TLV MAY be included in the MPLS Echo Request by the 
originator of the request. 


If the TTL TLV is present and the receiver does not understand TTL 
TLVs, it will simply ignore the TLV, as is the case for all optional 
TLVs. If the TTL TLV is not present or is not processed by the 
receiver, any determination of the TTL value used in the MPLS label 
on the LSP-Ping echo reply is beyond the scope of this document. 
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If the TTL TLV is present and the receiver understands TTL TLVs, one 
of the following two conditions apply: 


o If the TTL TLV value field is zero, the LSP-Ping echo request 
packet SHOULD be dropped. 


o Otherwise, the receiver MUST use the TTL value specified in the 
TTL TLV when it creates the MPLS header of the MPLS Echo Reply. 
The TTL value in the TTL TLV takes precedence over any TTL value 
determined by other means, such as from the Switching Point TLV in 
the MS-PW. This precedence will aid the originator of the LSP- 
Ping echo request in analyzing the return path. 


4. Operation 


In this section, we explain a use case for the TTL TLV with an MPLS 
MS-PW. 


«------------------ MS-PW --------------------- > 
A B C D E 
OCcMeRIOTSI pestises O S2aSsos= rmac o 


---MPLS Echo Request---> 
<--MPLS Echo Reply------ 


Figure 2: Use-Case with MS-PWs 


Let us assume an MS-PW going through LSRs A, B, C, D, and E. 
Furthermore, assume that an operator wants to perform a connectivity 
check between B and D, from B. Thus, an MPLS Echo Request with the 
TTL TLV is originated from B and sent towards D. The MPLS Echo 
Request packet contains the FEC of the PW Segment between C and D. 
The value field of the TTL TLV and the TTL field of the MPLS label 
are set to 2, the choice of the value 2 will be based on the operator 
input requesting the MPLS Echo Request or from the optional LDP 
switching point TLV. The MPLS Echo Request is intercepted at D 
because of TTL expiry. D detects the TTL TLV in the request and uses 
the TTL value (i.e., 2) specified in the TLV on the MPLS label of the 
MPLS Echo Reply. The MPLS Echo Reply will be intercepted by B 
because of TTL expiry. 


The same operation will apply when we have a co-routed bidirectional 
LSP and we want to check connectivity from an intermediate LSR "B" to 
another LSR "D". 
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4.1. Traceroute Mode 


In traceroute mode, the TTL value in the TLV is set to 1 for the 
first Echo Request, then to 2 for the next, and so on. This is 
similar to the TTL values used for the label set on the packet. 


4.2. Error Scenario 


It is possible that the MPLS Echo Request packet was intercepted 
before the intended destination for reasons other than label TTL 
expiry. This could be due to network faults, misconfiguration, or 
other reasons. In such cases, if the return TTL is set to the value 
specified in the TTL TLV, then the echo response packet will continue 
beyond the originating node. This becomes a security issue. 


To prevent this, the label TTL value used in the MPLS Echo Reply 
packet MUST be modified by deducting the incoming label TTL on the 
received packet from TTL TLV value. If the MPLS Echo Request packet 
is punted to the CPU before the incoming label TTL is deducted, then 
another 1 MUST be added. In other words: 


Return TTL Value on the MPLS Echo Reply packet = (TTL TLV Value) - 
(Incoming Label TTL) + 1 


5. Security Considerations 


This document allows the setting of the TTL value in the MPLS Label 
of an MPLS Echo Reply, so that it can be intercepted by an 
intermediate device. This can cause a device to get a lot of LSP- 
Ping packets that get redirected to the CPU. 


However, the same is possible even without the changes mentioned in 
this document. A device should rate limit the LSP-Ping packets 
redirected to the CPU so that the CPU is not overwhelmed. 


The recommendation in the Security Considerations of [RFC4379] 
applies, to check the source address of the MPLS Echo Request; 
however, the source address can now be any node along the LSP path. 


A faulty transit node changing the TTL TLV value could make the wrong 
node reply to the MPLS Echo Request, and/or the wrong node to receive 
the MPLS Echo Reply. An LSP trace may help identify the faulty 
transit node. 
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6. IANA Considerations 


November 2014 


IANA has assigned a TLV type value to the following TLV from the 
"Multi-Protocol Label Switching (MPLS) Label Switched Paths (LSPs) 


Ping Parameters" registry in the "TLVs" subregistry. 
g g y 


Time To Live TLV (see Section 3). 
IANA has allocated the value 32769. 
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